Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

WAS-CMS: Identify versions on plugins and themes on Drupal #101

Open
tarraschk opened this issue Mar 29, 2021 · 4 comments
Open

WAS-CMS: Identify versions on plugins and themes on Drupal #101

tarraschk opened this issue Mar 29, 2021 · 4 comments
Assignees

Comments

@tarraschk
Copy link
Member

Add ability to scan CMS built with Drupal.

Strategy:

  • identify plugins and themes installed on the target
  • see if we can identify the versions by parsing the CHANGELOG.txt or common files on the plugins and themes
  • use the strategy proposed by @fwininger:
    • compute hashes of JS / CSS files added by the plugins and themes
    • compare these hashes to JS / CSS files from the GitHub repositories of plugins and themes used by Drupal

Note: the strategy proposed by @fwininger could really be used on most CMS and avoid building specific scanners for each CMS.

@tarraschk
Copy link
Member Author

@OussamaBeng could you please assign yourself to this issue to "mark" that you are working on it?

@tarraschk tarraschk assigned tarraschk and unassigned tarraschk Mar 29, 2021
@OussamaBeng
Copy link
Contributor

@tarraschk I dont think i have the rights to assign myself to this issue

@tarraschk
Copy link
Member Author

@OussamaBeng I just invited you to the Wapiti Scanner organization, can you accept the invite?
I'll then be able to assign the issue to you :)

@OussamaBeng
Copy link
Contributor

@tarraschk It's done ! :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants